OSVDB ID: 30096

Title: Microsoft Windows NAT Helper Components ipnathlp.dll with ICS Malformed DNS Query DoS

Info

Disclosure

Oct 28, 2006

Discovery

Unknown

Dates

Exploit

Oct 28, 2006

Solution

Unknown

Description

Windows NAT Helper Components contains a flaw that may allow a remote denial of service. The issue is triggered when a malformed DNS query is sent to the host computer using Internet Connection Sharing. An attacker can crash the service on the remote machine resulting in a loss of availability.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Availability
Exploit: Exploit Public
Disclosure: OSVDB Verified

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

Microsoft Corporation

Windows

XP SP2

References

Security Tracker: 1017133
CVE ID: 2006-5614 (see also: NVD)
Bugtraq ID: 20804
Secunia Advisory ID: 22592
SCIP VulDB ID: 2640
Milw0rm: 2672
Exploit Database: 2672
ISS X-Force ID: 29917
Metasploit ID: 30096
VUPEN Advisory: ADV-2006-4248
Other Advisory URL: http://research.eeye.com/html/alerts/zeroday/20061028.html
Keyword: Internet Connection Sharing

Credit

h07 - h07interia.pl -

Direct URL: http://osvdb.org/30096